“It starts with a compromised Apple ID. From there, the attacker uses Find My iPhone and places the victim’s device into lost mode,” Ragan writes. “At this point, they can lock the device, post a message to the lock screen and trigger a sound to play, drawing attention to it.”

Then they demand the ransom — usually $30 to $50 or all the data will be deleted.

And while you’re thinking about it, why don’t you activate two-factor authentication on any account you can — especially Google, which calls it “two-step verification” even though it’s really “two-factor” since it involves your phone, and Facebook, which calls it “Login Approvals.”